Attack Spotlight: OneDrive Phishing Campaign

Share this content in seconds -- simply copy and paste the following text into an email and send it to your end users.

Email Subject:

Attack Spotlight: Fake OneDrive Emails Steal Logins

Email Body:


Be on the lookout for a current cyberattack that tries to trick you by mimicking Microsoft OneDrive emails. Attackers are sending fraudulent emails that invite users to view or download a document in OneDrive. The emails contain a link to an authentic-looking (but fake) OneDrive login page that attackers use to steal your login credentials and access your account.

The link below takes you to a brief (two-minute) module that helps you identify the attack and explains what to do if you see it.

Link to Module:

(Note: This link will take you to the website of Wombat Security, a division of Proofpoint.)

You can also read the PDF for more information.

Awareness Module >

Teachable Moments PDF>

*We recommend that you download the PDF and attach it to your email. If you prefer, you can also include a direct link to the PDF.

More Attack Spotlight Content

Attack Spotlight provides infosec professionals with free, actionable content designed to arm end users against the most relevant real-world phishing attacks and lures being seen in the wild.